Month: March 2020

  • Vulnerability reporting is dysfunctional

    By Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan. In January, we released a study showing the ease of SIM swaps at five U.S. prepaid carriers. These attacks—in which an adversary tricks telecoms into moving the victim’s phone number to a new SIM card under the attacker’s control—divert calls and SMS text messages away…

  • Building a Bridge with Concrete… Examples

    Thanks to Annette Zimmermann and Arvind Narayanan for their helpful feedback on this post. Algorithmic bias is currently generating a lot of lively public and scholarly debate, especially amongst computer scientists and philosophers. But do these two groups really speak the same language—and if not, how can they start to do so? I noticed at…

  • The CheapBit of Fitness Trackers Apps

    Yan Shvartzshnaider (@ynotez) and Madelyn Sanfilippo (@MrsMRS_PhD). Fitness trackers are “[devices] that you can wear that records your daily physical activity, as well as other information about your health, such as your heart rate” [Oxford Dictionary]. The increasing popularity of wearable devices offered by Apple, Google, Nike inadvertently led cheaper versions to flood the market,…

  • Ballot-level comparison audits: BMD

    In my previous posts, I’ve been discussing ballot-level comparison audits, a form of risk-limiting audit. Ballots are imprinted with serial numbers (after they leave the voter’s hands); during the audit, a person must find a particular numbered ballot in a batch of a thousand (more or less). With CCOS (central-count optical scan) this works fine:…

  • Finding a randomly numbered ballot

    In my previous posts, I’ve been discussing ballot-level comparison audits, a form of risk-limiting audit. Ballots are imprinted with serial numbers (after they leave the voter’s hands); during the audit, a person must find a particular numbered ballot in a batch of a thousand (more or less). If the ballot papers are numbered consecutively, that’s…

  • Why we can’t do random selection the other way round in PCOS RLAs

    In my last article, I posed this puzzle for the reader. We want to do ballot-level comparison audits, a form of RLA (risk-limiting audit) on a precinct-count optical-scan (PCOS) voting system. This requires a serial number printed on every ballot, linked with an entry in the cast-vote-record (CVR) file. The standard method is to pick…

  • Ballot-level comparison audits: precinct-count

    Special bonus: This article contains two puzzles for the reader, marked in green. Try to solve them yourself before reading the solutions in a future post! In my last post I described a particularly efficient kind of risk-limiting audit (RLA) of election results: ballot-level comparison audits, which rely on a unique serial number on every…

  • Ballot-level comparison audits: central-count

    All voting machines these days are computers, and any voting machine that is a computer can be hacked to cheat. The widely accepted solution is to use voting machines to count paper ballots, and do Risk-Limiting Audits: random-sample inspections of those paper ballots to ensure (with a guaranteed level of assurance) that the election outcome…